The latest version of Kubernetes does not support Docker as a container runtime anymore. That is why many Kubernetes administrators have migrated their cluster’s container runtime from docker to another container runtime like containerd or cri-o. Or they will do that soon.



Old: entering a Container as root with Docker

Most containers that run on Kubernetes clusters do not run as root. But what, if you want to test a container and for that, you want to install and test some software manually before you create a new container image? With Docker that was easy. Just enter the container as root (id=0) and do with the container, whatever you want to do:

docker exec -it --rm -u 0 <container-id> bash

Now, that the containers are no Docker containers anymore, this is not possible anymore.

New: entering a Container as root with runc

However, you can runc to enter the container as root. Say, you want to enter a shell as root user in the container running on my-pod on my-namespace. First, you need to calculate the container ID. With that information you can enter the container using runc like follows:


CONTAINER=$(kubectl -n $NAMESPACE get pod $POD -o jsonpath="{.status.containerStatuses[].containerID}" | sed 's/.*\/\///')

sudo runc --root /run/containerd/runc/ exec -t -u 0 $CONTAINER sh

That’s it! You even do not need to install runc, since runc is part of the installation package if you have installed containerd (and I guess, also with cri-o…).

P.S.: if you still need to migrate your Kubernetes cluster from Docker container runtime to containerd runtime, you might be interested in this blog post:

Migrate Kubernetes Runtime from Docker to containerd


  1. 2 things here. 1) wait until you have a container ID your container must be in running state or there will be no ID yet. 2) You must run the „runc“ command on the worker node that your container is running on in case you have a K8s Cluster.


Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.